Okay, can someone give a good guess as to what's the real reason to do this? Not like all the feel-good BS - what's the business case? How is this gunna make them money?
It seems this just makes them lose access to a ton of data to mine for advertisement. I chat with a friend on IG about something and I immediately get ads for it. It's a bit creepy, but I feel it's working the way they'd want it to (never bring up watches, you will get watch ads for the next 6 months)
Are they bleeding a lot of user to Signal/Telegram b/c they lack encryption? (my impression is only nerds care about encryption)
Are they getting harassed by requests from law enforcement?
Are they in hot water b/c of child porn?
Do they need plausible deniability?
I don't really get why they're rolling this out. Like what's their angle. Seems like something users don't care too much about and they lose a ton of valuable data
They must be able to do good targeted advertising without message contents, with public likes and other data on scrolling behavior, especially as AI tools improve. Maybe having this data is more trouble than it's worth. Data is a liability as well as an asset.
Since they control the client, is it possible that the "ad profiling" can still take place on the client, after the message is received and decrypted for visualisation?
The E2EE only means the message is not readable "in transit" (as in after it leaves a Facebook client)
“What self interested, selfish reason do these terrible people have to this ostensibly good thing?” - paraphrasing your question.
Answer - Message content wasn’t used for advertising. I believe it had been tried at some point and found to be sort of useless. But people like you won’t believe that, so end to end encryption might help build trust and increase engagement.
Given that E2EE messengers usually require being run on a smartphone as primary device, my guess is that they are trying to push the last remaining non-app-and-web-only users to their messenger app.
What’s the total cost of encryption engineering / bau? I assume the ‘Facebook cares about my privacy’ goodwill from unknowing users will be worth more, but building a ‘secure’ public reputation has to start somewhere.
They can easily identify what and who you're talking to with message metadata, which is usually not encrypted. They can cooperate with government agencies this way. You don't need to know the exact content of a message, you just need to know who you're talking to and when.
Well, it’s encrypted in transit, maybe encrypted in their storage on their backend. But when the text, after being decrypted, appears in their textviews and websites I don’t think it is not kosher for them to tag every single word and glean lots of data/metadata from there and send home do their magic without associating with the identity. I thought that is something that is given. They also have not touched upon it. Except maybe the “Logging limitations” part - that section read like hogwash to me.
A kind of fatigue is setting in when it comes to Fb messenger and Instagram. They have already bloated these apps and they can’t really add any other gimmicks. So they are trying the “other” gimmick now.
My take is or guess is - they are doing it because they really have nothing else to do.
Complying with warrants and other requests has a cost. By claiming not to have access to them, they can save money. I think they or some other advertisers have used the actual messages before, but concluded it was too noisy to be worth it.
My guess is deniability, just like Apple. Apple wanted to make CSAM detection work and make iPhone essentially a weapon law, but when their users hit back, they just made iCloud e2ee. With the number of child predators on FB, I am guessing that Meta wants to wash their hands of responsibility.
Their history approach is interesting, supporting key rotations as well.
However, metadata is still un-encrypted, same as on whatsapp. Meta knows who you talk to, and when - this is juicy enough for both ad-targeting, and government surveillance.
I assume users must still be able to send messages from different devices, just by entering their login data into a new Messenger client.
According to their paper, they are doing client fan-out:
"Messenger uses this "client-fanout" approach for transmitting messages to multiple devices, where the Messenger client transmits a single message `N` number of times to `N` number of different devices. Each message is individually encrypted using the established pairwise encryption session with each device."
This means, the system is only as secure as its client registration protocol. They don't write a lot about it:
"At registration time, a Messenger client transmits its public Identity Key, public Signed Pre Key (with its signature), and a batch of public One-Time Pre Keys to the server. The Messenger server stores these public keys associated with the user's device specific identifier. This facilitates offline session establishment between two devices when one device is offline."
If I interpret this correctly, the server can, at any time it desires, silently add new clients. Those devices will receive all messages directed at that user, and will be able to decrypt it.
I guess that's in line with their bla-bla about setting user expectations:
"Our focus is on determining the appropriate boundaries, ensuring that we remain true to our commitments, setting the correct user expectations, and avoiding creating meaningful privacy risks, while still ensuring that the product retains its usefulness to our users."
Don't forget, their commitments are making profit and exploiting user data.
> Typically, E2EE messaging services rely on local storage and encryption keys to secure encrypted messages. Messenger, however, has a long history of storing people’s messages for them so that they can access them whenever they need without having to store them locally. That’s why we’ve designed a server-based solution where encrypted messages can be stored on Meta’s servers while only being readable using encryption keys under the user’s control.
I remember Telegrams founder saying they don't use E2EE because you can't store messages with full E2EE, which obviously BS because matrix does it, and now Facebook too.
It’s also obviously BS since the end-to-end encrypted data in their secret chats passes through their server tier. They could simply save it!
The fact that they go to such lengths to convince us that they are doing a favor with their insecure-by-default approach has always rubbed me the wrong way.
They transmit the messages twice, once to relay to recipients via e2ee (signal), and the other to the storage backend using a different e2ee approach (labyrinth).
With their proprietary client it does not matter how secure is a protocol. There's always a risk of bad update or total compromise. And of course ads need to be targeted.
I can never get excited about E2EE encryption... It's not because it isn't important, it's because while I've lived I've had 2 phones die in my hands, 2 family members have lost phones (one of which is sitting at the bottom of an ocean and is clearly unrecoverable), and phones are consumables that change every few years.
I see there's some effort here on history sharing. Does that effort allow recovery of a chat history after an unrecoverable death of a primary phone? That's (honestly) the only usability thing I care about when it comes to E2EE.
Meta gets a lot of flak for privacy, but at the same time, they end to end encrypt the majority of communication happening globally (Whatsapp+Messenger), at cost to the company, with no obligation to do so.
If by "cost" you mean Meta being in the business of siphoning user behaviour, Meta controls the E in E2E a.k.a the apps, so it's a matter of trusting them to not do covert on-device analysis + result exfiltration.
No company is obligated to do anything. Such lack of obligation is not sufficient reason to praise companies that do the bare minimum to keep user data safe. Sure they aren't obligated but how on earth does that matter?
Good for Meta and their user base! It's great to see Big Tech follow suit. We've been doing this for a decade already as only end-to-end encryption can truly protect data.
Plus, it's going to help with fighting bills like the Online Safety Bill and Chat Control when huge corporations join us; so bottom line: great news!
They already have an end-to-end encrypted messaging application: it's called WhatsApp. I have seen so many people (and have myself been) bitten by WhatsApp's E2E implementation: messages lost because your phone was barely online and you "read" the message but didn't fully receive it, leaving you to awkwardly ask people to re-send things. Plus the constant need to backup your messages because if you don't you can lose access to them forever. Plenty of my family have lost messages/images that were sent to them and were important to them.
I'd rather not deal with this. Sometimes I want all my messages to be stored on a big company's servers. They should at least give people the option to choose.
Apparently in FB Messenger, conversations will still be stored in the cloud, albeit encrypted:
> Messenger has always allowed clients to operate off of a small stored local cache, relying on a server-side database for their message history. Neither WhatsApp nor Secret Conversations operated in this manner, and we didn’t want all users to have to rely on a device-side storage system. Instead, we designed an entirely new encrypted storage system called Labyrinth, with ciphertexts uploaded to our servers and loaded on-demand by clients, while operating in a multi-device manner and supporting key rotation when clients are removed.
The big company does not want to store your messages, as they need to deal with Chinese, Turkish, Saudis and other people whose messages someone wants to read. If there is “nothing to read” (let’s forget about metadata) then governments and such should abuse the system less.
Sometimes I feel like these are the “plastic-free bag” solution[0] designed to make the market embrace the “tried and true” old way.
[0] There was this chip bag from a major chip manufacturer and it proudly claimed the bag was plastic free (might even have been compostable), but it was the thinnest, loudest, crinkliest bag you’d ever heard. It seemed like the chip manufacturer board meeting went like this: “The people want us to cut out plastic! For the environment or something. Don’t they know how much easier and more profitable plastic bags are?? You know what? If they want plastic-free we’ll give them plastic-free... We’ll make them regret even asking...”
That bag didn’t last long before it vanished never to be seen again.
> Message contents are authentically and securely transmitted between your devices and those of the people you’re talking to. This is, perhaps, the primary goal of E2EE, and is where much E2EE research and design work is targeted, such as the Signal protocol we use in our products (such as WhatsApp, Messenger, and Instagram Direct), or the IETF’s Messaging Layer Security protocol, which we helped to design and was recently standardized.
This is at the same time as they've announced they're getting rid of encrypting their outgoing messages with PGP! (If you add your public key of course!)
I was always very impressed by this-- every service that sends emails should support this. Even banks don't!
Regular people talk illegal things on messenger all the time, and if law enforcement gets addicted to sweet data requests, users will flee to wherever.
E2E messaging is a better product. Offering it free (at a loss) makes it hard to beat.
What's more, some major govts may be prompted to ban E2E, so they keep their data and kill Signal and others, while they are the 'good guys'.
FB can probably create a 99% accurate ad profile on you with just metadata, likes and tracking you on the web. If not they can push local profiling models on your phone.
With all that said, I still think it is a genuinely good thing for humanity as it is now, and I am cautiously optimistic.
I don’t know how Meta will benefit from this (perhaps they are protecting themselves from upcoming regulations in EU). Important question is who is owning the key, if they own the key, that means nothing in terms of protection against their usage.
Even if they don’t have the key, they don’t even care about messages itself anymore
1. It’s risky business, regulations might hit you hard
2. Metadata is good enough for them
3. They own the client, so they know how to extract more than useful data in the end.
E2EE is important marketing trick nowadays, most users see it as if this makes them completely anonymous to companies like Meta.
After all ads are their only source of generating money. They will do whatever it takes to satisfy advertisers, not the users.
So the client basically transmits the messages twice - once to relay to recipients via e2ee a la signal which specifically prevents the decryption of historical messages (forward secrecy), and the other to the storage backend using a different e2ee approach which allows the recovery of history (labyrinth via epoch segmentation and back-chaining of secrets).
[+] [-] contact9879|2 years ago|reply
Messaging: https://engineering.fb.com/wp-content/uploads/2023/12/Messen...
Labyrinth E2EE storage: https://engineering.fb.com/wp-content/uploads/2023/12/TheLab...
---
Comments by:
Jon Millican https://twitter.com/JonMillican/status/1732582565884702982
Matt Green https://twitter.com/matthew_d_green/status/17325670516070893...
Alec Muffet https://alecmuffett.com/article/108588
[+] [-] contrarian1234|2 years ago|reply
... “
Okay, can someone give a good guess as to what's the real reason to do this? Not like all the feel-good BS - what's the business case? How is this gunna make them money?
It seems this just makes them lose access to a ton of data to mine for advertisement. I chat with a friend on IG about something and I immediately get ads for it. It's a bit creepy, but I feel it's working the way they'd want it to (never bring up watches, you will get watch ads for the next 6 months)
Are they bleeding a lot of user to Signal/Telegram b/c they lack encryption? (my impression is only nerds care about encryption)
Are they getting harassed by requests from law enforcement?
Are they in hot water b/c of child porn?
Do they need plausible deniability?
I don't really get why they're rolling this out. Like what's their angle. Seems like something users don't care too much about and they lose a ton of valuable data
[+] [-] holmesworcester|2 years ago|reply
Also: https://techcrunch.com/2023/07/11/teen-and-mom-plead-guilty-...
They must be able to do good targeted advertising without message contents, with public likes and other data on scrolling behavior, especially as AI tools improve. Maybe having this data is more trouble than it's worth. Data is a liability as well as an asset.
[+] [-] planb|2 years ago|reply
https://www.eff.org/de/deeplinks/2022/04/eu-digital-markets-...
[+] [-] isodev|2 years ago|reply
The E2EE only means the message is not readable "in transit" (as in after it leaves a Facebook client)
[+] [-] nindalf|2 years ago|reply
Answer - Message content wasn’t used for advertising. I believe it had been tried at some point and found to be sort of useless. But people like you won’t believe that, so end to end encryption might help build trust and increase engagement.
[+] [-] 3836293648|2 years ago|reply
(EU)
[+] [-] viktorcode|2 years ago|reply
[+] [-] viddi|2 years ago|reply
I'm one of them and I don't like this.
[+] [-] shmichael|2 years ago|reply
[+] [-] grey-area|2 years ago|reply
So they could still be sending their server data like ‘likes watches’ without technically breaking the encryption.
[+] [-] camillomiller|2 years ago|reply
[+] [-] hsbauauvhabzb|2 years ago|reply
[+] [-] xinayder|2 years ago|reply
[+] [-] crossroadsguy|2 years ago|reply
A kind of fatigue is setting in when it comes to Fb messenger and Instagram. They have already bloated these apps and they can’t really add any other gimmicks. So they are trying the “other” gimmick now.
My take is or guess is - they are doing it because they really have nothing else to do.
[+] [-] PrimeMcFly|2 years ago|reply
It's about them not losing customers to the competition that does offer E2EE
[+] [-] nicman23|2 years ago|reply
[+] [-] alwayslikethis|2 years ago|reply
[+] [-] gmerc|2 years ago|reply
[+] [-] dancemethis|2 years ago|reply
It's a PR move to _say_ they did it.
[+] [-] zelphirkalt|2 years ago|reply
[+] [-] whatever1|2 years ago|reply
Nearly 1/4 of women have done abortion in their lifetime. And there are also co conspirators like husbands, Uber drivers, nurses and doctors.
[+] [-] BirAdam|2 years ago|reply
[+] [-] captn3m0|2 years ago|reply
However, metadata is still un-encrypted, same as on whatsapp. Meta knows who you talk to, and when - this is juicy enough for both ad-targeting, and government surveillance.
[+] [-] dbrgn|2 years ago|reply
According to their paper, they are doing client fan-out:
"Messenger uses this "client-fanout" approach for transmitting messages to multiple devices, where the Messenger client transmits a single message `N` number of times to `N` number of different devices. Each message is individually encrypted using the established pairwise encryption session with each device."
This means, the system is only as secure as its client registration protocol. They don't write a lot about it:
"At registration time, a Messenger client transmits its public Identity Key, public Signed Pre Key (with its signature), and a batch of public One-Time Pre Keys to the server. The Messenger server stores these public keys associated with the user's device specific identifier. This facilitates offline session establishment between two devices when one device is offline."
If I interpret this correctly, the server can, at any time it desires, silently add new clients. Those devices will receive all messages directed at that user, and will be able to decrypt it.
I guess that's in line with their bla-bla about setting user expectations:
"Our focus is on determining the appropriate boundaries, ensuring that we remain true to our commitments, setting the correct user expectations, and avoiding creating meaningful privacy risks, while still ensuring that the product retains its usefulness to our users."
Don't forget, their commitments are making profit and exploiting user data.
[+] [-] jacooper|2 years ago|reply
I remember Telegrams founder saying they don't use E2EE because you can't store messages with full E2EE, which obviously BS because matrix does it, and now Facebook too.
Now they say there is no "elegant" solution. https://telegram.org/faq#q-why-not-just-make-all-chats-39sec...
[+] [-] pcl|2 years ago|reply
The fact that they go to such lengths to convince us that they are doing a favor with their insecure-by-default approach has always rubbed me the wrong way.
[+] [-] supermatt|2 years ago|reply
[+] [-] zx8080|2 years ago|reply
[+] [-] laserbeam|2 years ago|reply
I see there's some effort here on history sharing. Does that effort allow recovery of a chat history after an unrecoverable death of a primary phone? That's (honestly) the only usability thing I care about when it comes to E2EE.
[+] [-] advisedwang|2 years ago|reply
[+] [-] xvector|2 years ago|reply
[+] [-] lloeki|2 years ago|reply
If by "cost" you mean Meta being in the business of siphoning user behaviour, Meta controls the E in E2E a.k.a the apps, so it's a matter of trusting them to not do covert on-device analysis + result exfiltration.
[+] [-] drsnow|2 years ago|reply
[+] [-] Tutanota|2 years ago|reply
Plus, it's going to help with fighting bills like the Online Safety Bill and Chat Control when huge corporations join us; so bottom line: great news!
[+] [-] dom96|2 years ago|reply
They already have an end-to-end encrypted messaging application: it's called WhatsApp. I have seen so many people (and have myself been) bitten by WhatsApp's E2E implementation: messages lost because your phone was barely online and you "read" the message but didn't fully receive it, leaving you to awkwardly ask people to re-send things. Plus the constant need to backup your messages because if you don't you can lose access to them forever. Plenty of my family have lost messages/images that were sent to them and were important to them.
I'd rather not deal with this. Sometimes I want all my messages to be stored on a big company's servers. They should at least give people the option to choose.
[+] [-] cubefox|2 years ago|reply
> Messenger has always allowed clients to operate off of a small stored local cache, relying on a server-side database for their message history. Neither WhatsApp nor Secret Conversations operated in this manner, and we didn’t want all users to have to rely on a device-side storage system. Instead, we designed an entirely new encrypted storage system called Labyrinth, with ciphertexts uploaded to our servers and loaded on-demand by clients, while operating in a multi-device manner and supporting key rotation when clients are removed.
[+] [-] miohtama|2 years ago|reply
[+] [-] joshspankit|2 years ago|reply
[0] There was this chip bag from a major chip manufacturer and it proudly claimed the bag was plastic free (might even have been compostable), but it was the thinnest, loudest, crinkliest bag you’d ever heard. It seemed like the chip manufacturer board meeting went like this: “The people want us to cut out plastic! For the environment or something. Don’t they know how much easier and more profitable plastic bags are?? You know what? If they want plastic-free we’ll give them plastic-free... We’ll make them regret even asking...”
That bag didn’t last long before it vanished never to be seen again.
[+] [-] Miraltar|2 years ago|reply
The first line of the article suggests that it's an option
[+] [-] rob|2 years ago|reply
Messenger does. You can have a normal chat and a private, end-to-end encrypted chat at the same time with the same person, both completely separate.
[+] [-] tech234a|2 years ago|reply
[1]: https://news.ycombinator.com/item?id=38528306
[+] [-] walterbell|2 years ago|reply
Will Messenger eventually use IETF MLS?
[+] [-] gmerc|2 years ago|reply
[+] [-] purpleidea|2 years ago|reply
I was always very impressed by this-- every service that sends emails should support this. Even banks don't!
[+] [-] macilacilove|2 years ago|reply
E2E messaging is a better product. Offering it free (at a loss) makes it hard to beat.
What's more, some major govts may be prompted to ban E2E, so they keep their data and kill Signal and others, while they are the 'good guys'.
FB can probably create a 99% accurate ad profile on you with just metadata, likes and tracking you on the web. If not they can push local profiling models on your phone.
With all that said, I still think it is a genuinely good thing for humanity as it is now, and I am cautiously optimistic.
[+] [-] nalekberov|2 years ago|reply
Even if they don’t have the key, they don’t even care about messages itself anymore 1. It’s risky business, regulations might hit you hard 2. Metadata is good enough for them 3. They own the client, so they know how to extract more than useful data in the end.
E2EE is important marketing trick nowadays, most users see it as if this makes them completely anonymous to companies like Meta. After all ads are their only source of generating money. They will do whatever it takes to satisfy advertisers, not the users.
[+] [-] dang|2 years ago|reply
[+] [-] anonym29|2 years ago|reply
[+] [-] supermatt|2 years ago|reply